Corporate spyware protection

Ok, lets try this in the correct forum.

I have taken it upon myself to recommend a supplement to Symantec Endpoint, which, while easy to manage, is terrible at actually removing spyware infections. We currently cannot install Malwarebytes because it is not free for corporate use, and Spybot is only good for so much. It makes spyware infections an enormous pain in our collective asses.

We would prefer that updates be able to be pushed from an internal Windows server and for it to routinely phone home to tell us if it’s the correctly configured. Bonus points if it is capable of being locked down to prevent user tampering, even if the user has admin rights to their PC.

Is Malwarebytes still the best around, or should I look into something else? I’m not responsible for pricing and whatnot, so I’m just looking for what “works” and won’t interfere with SEP.

Why do you want SEP to remain if it’s useless?

Why not replace your entire system with a single more capable anti-virus scanner that will pick up everything? Sohpos, Kaspersky, NOD32 are good places to start looking, depending on how big you are.

Because that would cost the company insane amounts of money. We’re talking 4000+ PCs and dozens of servers.

Edit: We have the infrastructure and support from Symantec that really makes it our best option right now for AV protection. Moving away from Symantec would be crazy expensive and would take far too long. SEP works off the existing infrastructure and adds the off-network intrusion protection that we want, but not the spyware protection. I want to piggy-back that infrastructure to minimize cost and time.

Malwarebytes is still the best around at cleaning up nasty spyware/adware/crapware infections. It also doesn’t seem to have any issues with SAV (which we use as well).

They’re pretty good about discounting for larger corporate purchases (it helps get their product in front of end users, who then might buy it for home use). You can also ask about specific SEP issues (or lack thereof) while asking for a quote.

Did you get hit with the “Antivirus 2009”? That is what prompted corporate to start listening to us about spyware protection. We would have to reimage PCs because we couldn’t really tell users “You may install Malwarebytes, but you will need to separately install the virus definitions and rename the Malwarebytes executable because the virus blocks both. Oh, and you’re completely on your own because we cannot legally install it or support it.”